Exploitation of Openfire CVE-2023-32315: A New Approach

By TFH

Published on Aug 23, 2023

CVE-2023-32315 is a path traversal vulnerability in the admin console of Openfire, a well-known open-source chat server. The vulnerability has been exploited in the wild, and VulnCheck has now described a new approach that streamlines the attack and avoids generating the log entries that earlier exploits leave behind.

The Vulnerability

Openfire CVE-2023-32315 has been exploited in various ways, but most exploits follow a simple pattern: use the path traversal to create an administrative user, log in, and then upload a plugin to achieve code execution. VulnCheck, however, has demonstrated an improved exploit that avoids creating an administrative user, significantly reducing the amount of logging the attacker introduces.
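Because the improved exploit leaves fewer traces in the application's own logs, defenders are better served by hunting for the path traversal itself in HTTP access logs, which are written whether or not an administrative user is ever created. The script below is an added example written for this post; it is not VulnCheck's tooling or code from the Openfire project. It parses access-log lines in the common "combined" format, percent-decodes each request path repeatedly (so that double-encoded sequences are caught), treats backslashes as separators, and flags any request whose decoded path still contains a `..` segment. The log lines, client addresses and the `/console/...` paths are constructed for the example and are not Openfire's real console layout.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines (combined log format). IPs, timestamps
# and the hypothetical /console/ paths are made up for this example.
SAMPLE_LOG = """\
10.0.0.5 - - [23/Aug/2023:10:01:02 +0000] "GET /login.jsp HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.7 - - [23/Aug/2023:10:01:09 +0000] "GET /static/%2e%2e/%2e%2e/console/create-user HTTP/1.1" 200 873 "-" "curl/8.1"
10.0.0.7 - - [23/Aug/2023:10:01:15 +0000] "GET /static/%252e%252e/console/create-user HTTP/1.1" 200 873 "-" "curl/8.1"
10.0.0.9 - - [23/Aug/2023:10:02:44 +0000] "POST /console/upload-plugin HTTP/1.1" 302 0 "-" "Mozilla/5.0"
10.0.0.9 - - [23/Aug/2023:10:02:50 +0000] "GET /images/..%5c..%5cconsole/index HTTP/1.1" 404 0 "-" "Mozilla/5.0"
"""

# client, timestamp, method, path, protocol, status, size
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) (\S+)" (\d{3}) (\S+)')


def normalize_path(raw_path, max_rounds=3):
    """Return the path segments after stripping the query string, percent-decoding
    up to max_rounds times (stops early when decoding no longer changes anything)
    and treating backslashes as directory separators."""
    path = raw_path.split("?", 1)[0]
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    path = path.replace("\\", "/")
    return [seg for seg in path.split("/") if seg != ""]


def resolve_segments(segments):
    """Resolve '.' and '..' the way a file system or servlet container would,
    clamping at the root so we can show where a traversal actually lands."""
    stack = []
    for seg in segments:
        if seg == ".":
            continue
        if seg == "..":
            if stack:
                stack.pop()
            continue
        stack.append(seg)
    return stack


def has_traversal(raw_path):
    """True if a '..' segment survives decoding. Browsers resolve '..' client-side,
    so one reaching the server in the request line is almost always hand-crafted."""
    return ".." in normalize_path(raw_path)


def analyze_log(text):
    """Scan access-log text and return one finding per request containing traversal."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        client, ts, method, raw_path, _proto, status, _size = m.groups()
        segments = normalize_path(raw_path)
        if ".." not in segments:
            continue
        findings.append({
            "client": client,
            "time": ts,
            "method": method,
            "raw_path": raw_path,
            "resolved": "/" + "/".join(resolve_segments(segments)),
            "status": int(status),
        })
    return findings


if __name__ == "__main__":
    for f in analyze_log(SAMPLE_LOG):
        print(f"{f['time']} {f['client']} {f['method']} {f['raw_path']} -> {f['resolved']} ({f['status']})")
```

The `resolved` field is what makes a finding actionable: it shows which resource the traversal reached, so a 200 response whose resolved path lands inside the admin console is a stronger signal than a 404 that bounced off a static directory. Run it over the reverse proxy's or the server's own access log rather than the application log, since the point of the post is that the improved exploit specifically reduces what the application records.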

Real-World Impact

Approximately 50% of the internet-facing Openfire servers are running affected versions. While that is only a few thousand servers, it is a significant number given the trusted position such a server holds with respect to the chat clients that connect to it.
